1. Field of the Invention
This invention relates to processors and, more particularly, to integration of cryptographic and general-purpose functionality within a processor.
2. Description of the Related Art
Securing transactions and communications against tampering, interception and unauthorized use, as well as verifying the integrity of data that may have been corrupted or tampered with, have become problems of increasing significance as new forms of electronic commerce and communication proliferate. For example, many businesses provide customers with Internet-based purchasing mechanisms, such as web pages via which customers may convey order and payment details. Such details often include sensitive information, such as credit card numbers, that might be subject to fraudulent use if intercepted by a third party.
To provide a measure of security for sensitive data, cipher algorithms have been developed that allow encryption of sensitive information before it is conveyed over an insecure channel. The information may then be decrypted and used by the receiver. However, as the performance of generally available computer technology continues to increase (e.g., due to development of faster microprocessors), less sophisticated cryptographic algorithms become increasingly vulnerable to compromise or attack.
Similarly, to provide a means for ascertaining data integrity, various types of hash algorithms have been developed. Generally speaking, a hash algorithm may be configured to generate a condensed representation, or hash value, of an input stream of data. For typical hash algorithms, any change to the input data stream typically results in differing hash values. Often, as in the case of cryptographically strong hash algorithms, any change to the input data stream is virtually certain to result in differing hash values. For example, for the secure hash algorithm SHA-256, the probability of a differing hash value not occurring upon a change to the input data stream (i.e., the probability of two streams hashing to the same value) is on the order of 2−256. Thus, if a given computed hash value of a data stream does not match an earlier-computed hash value of that data stream, the integrity of the data stream may have been compromised. As an example, “known good” hash values of a data stream may be computed before the data stream is conveyed via an insecure medium and conveyed along with the data stream. At the receiving end, the hash value of the received data stream may be computed and compared against the received hash value to provide a data integrity check.
Collectively, such cipher, hash and similar algorithms may be referred to as cryptographic algorithms. Increasingly sophisticated cryptographic algorithms are continually evolving to meet the threat posed by new types of attacks. However, as such algorithms become more powerful, they often become more complex to implement and may add additional processing overhead to transactions that the algorithms are intended to secure. In some conventional embodiments, cryptographic algorithms may be implemented directly within computational hardware. However, typical hardware cryptographic implementations provide opaque programming interfaces to software that hide the details of cryptographic hardware operation from user-visible software. By providing opaque, abstract software interfaces, such conventional implementations may inhibit optimal use of cryptographic hardware.